CVE-2021-3921: huntr: Cross-Site Request Forgery (CSRF) PHP Vulnerability in firefly-iii

firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)

Tags: #csrf #vulnerability #web

Description

An attacker is able to log out a user if the logged-in user visits an attacker-controlled website.

Impact

This vulnerability allows an attacker to force a user into an unintentional logout.

Test

Tested on Edge, Firefox, Chrome and Safari.

Fix

The logout route should accept POST only, instead of GET/ANY.

To expand:

One way GET/ANY could be abused here is that a person (a competitor, perhaps) places an image tag with src="<your logout link>" anywhere on the internet; if a user of your site stumbles upon that page, they will be unknowingly logged out, because the browser sends the session cookie with the image request. This is why the route should be a POST protected by a @csrf token.
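To make the difference between the two route styles concrete, here is an added Python model of the logout endpoint (not Firefly III's or Laravel's own code) that runs the cross-site GET and a legitimate POST through a vulnerable handler and a fixed one; the `Request` stand-in, session layout and status codes are assumptions chosen to mirror what Laravel's `Route::post` plus its CSRF middleware enforce.

```python
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Request:
    """Constructed stand-in for an HTTP request: method, form fields, session dict."""
    method: str
    form: dict = field(default_factory=dict)
    session: dict = field(default_factory=dict)


def new_session(user: str) -> dict:
    """A logged-in session carrying a per-session CSRF token (as Laravel stores _token)."""
    return {"user": user, "_token": secrets.token_urlsafe(32)}


def logout_vulnerable(req: Request) -> int:
    """Route::any('/logout'): any method, no token check.
    A cross-site <img src="https://app.example/logout"> issues exactly this GET."""
    req.session.pop("user", None)
    return 200


def logout_fixed(req: Request) -> int:
    """Route::post('/logout') behind CSRF verification:
    non-POST gets 405 and a POST must carry the session's _token (419 otherwise)."""
    if req.method != "POST":
        return 405  # Method Not Allowed: <img>/<a> can only send GET
    expected = req.session.get("_token", "")
    supplied = req.form.get("_token", "")
    # constant-time compare, like the hash_equals check in Laravel's VerifyCsrfToken
    if not expected or not hmac.compare_digest(expected, supplied):
        return 419  # Laravel's "Page Expired" status for a bad or missing CSRF token
    req.session.pop("user", None)
    return 200


def demo() -> dict:
    """Run the cross-site GET and a legitimate POST through both handlers."""
    results = {}
    s = new_session("alice")
    results["vuln_get"] = (logout_vulnerable(Request("GET", session=s)), "user" in s)
    s = new_session("alice")
    results["fixed_get"] = (logout_fixed(Request("GET", session=s)), "user" in s)
    results["fixed_post_bad"] = (logout_fixed(Request("POST", {"_token": "x"}, s)), "user" in s)
    results["fixed_post_ok"] = (logout_fixed(Request("POST", {"_token": s["_token"]}, s)), "user" in s)
    return results
```

Each `demo()` entry is (status, still logged in): the vulnerable handler logs the user out on a bare GET, while the fixed one only does so for a POST carrying the session's own token.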

Note

While this cannot harm a user's account, it can be a great annoyance and is considered a valid CSRF.
